Full disk encryption needed for flash devices
Did they try setting up the device for encryption? The one concern I would have with that is whether the person logged onto the device before encrypting it, leaving the original keys in place until they are fortuitiously deleted at some random time in the future. Similar problems exist with all flash devices, including USB keys and SSD. Unless the drive is configured with full disk encryption, the data is available until that section of flash is erased. Because of flash overprovisioning, it's not possible to determine when that happens, although it may or may not be readable through the normal interface. I recently looked up SSD forensics, and it's amazing what can be retrieved, especially by dedicated parties who are willing to access the flash device directly.